US9426227B2ActiveUtilityA1

Connection leasing for hosted services

Assignee: CITRIX SYSTEMS INCPriority: Feb 16, 2012Filed: Oct 7, 2014Granted: Aug 23, 2016
Est. expiryFeb 16, 2032(~5.6 yrs left)· nominal 20-yr term from priority
Inventors:Kenneth Bell
H04L 67/14H04L 63/0807H04L 63/10H04L 63/08H04L 63/0428H04L 67/141G06F 9/468H04L 67/38H04L 67/131
91
PatentIndex Score
13
Cited by
30
References
19
Claims

Abstract

Aspects herein describe brokering hosted resources in a virtual desktop infrastructure (VDI) using connection leases to reduce demand on connection brokers and to allow hosted services to be maintained even in the event of a broker outage. When a client device desires to connect to a hosted resource (e.g., a hosted desktop or a hosted application), the client device may present a lease token to the session host. The lease token is a self-sustaining package of data from which a session host can determine whether the requesting client device is authorized to access one or more resources hosted by that session host. The lease token may be cryptographically signed to ensure its contents have not been altered, and further that the lease token originated from a trusted source. Lease tokens may be stored independently from a connection broker, thereby still being usable if the connection broker goes offline.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A session host apparatus, comprising:
 a processor controlling operations of the session host apparatus; and 
 memory storing computer readable instructions that, when executed by the processor, cause the session host apparatus to establish a session with a session client by: 
 receiving a lease token associated with a session client, wherein the lease token is a self-sustaining package of cryptographically signed connection lease data from which the session host apparatus can determine whether the session client device is authorized to access one or more resources hosted by that session host, wherein the lease token comprises a plurality of data fields, each data field defining a different one of a lease ID, a set of one or more client devices, a set of one or more session hosts, and a set of one or more resources; 
 determining, based on the lease token, one or more resources, hosted by the session host apparatus, that the session client is authorized to access; 
 sending connection information to the session client based on the determined resources, after determining that the session client is authorized to access the one or more resources; and 
 establishing a session with the session client to provide access to the one or more determined resources. 
 
     
     
       2. The session host apparatus of  claim 1 , wherein determining comprises checking a lease token revocation database to determine whether the lease token has been revoked. 
     
     
       3. The session host apparatus of  claim 1 , wherein the lease token is signed by a trusted connection broker. 
     
     
       4. The session host apparatus of  claim 1 , wherein the lease token comprises a plurality of security policy data fields, each security policy data field defining a different one of:
 a set of one or more access conditions; 
 a connection limit; 
 a maximum idle time; and 
 a maximum disconnect time. 
 
     
     
       5. The session host apparatus of  claim 4 , wherein the access conditions depend on a state of anti-malware software on the session client. 
     
     
       6. A connection broker apparatus, comprising:
 a processor controlling operations of the connection broker apparatus; and 
 memory storing computer readable instructions that, when executed by the processor, cause the connection broker apparatus to administer a connection lease by: 
 receiving a connection request from a session client; 
 based on the session client, determining:
 one or more session hosts the client is authorized to establish a session with, and 
 one or more resources the client is authorized to access on said one or more session hosts; 
 
 generating a lease token as a data package having a first data field identifying a lease number, a second data field identifying the one or more session hosts, a third data field identifying the one or more resources, and a fourth data field identifying the session client, wherein the lease token is a self-sustaining data package of cryptographically signed connection lease data from which the one or more session hosts can determine whether the session client device is authorized to access the one or more resources; 
 cryptographically signing the lease token to verify that the lease token originated at the connection broker apparatus; and 
 sending the signed lease token to a lease store for storage. 
 
     
     
       7. The connection broker apparatus of  claim 6 , wherein sending the lease token includes sending the lease token to the session client for storage on the lease client. 
     
     
       8. The connection broker apparatus of  claim 6 , wherein sending the lease token includes sending the lease token to a central lease store accessible by the one or more identified session hosts. 
     
     
       9. The connection broker apparatus of  claim 6 , said instructions further causing the connection broker apparatus to perform:
 receiving a request to revoke the lease token; and 
 revoking the lease token by publishing the lease number to a central revocation list. 
 
     
     
       10. The connection broker apparatus of  claim 6 , said instructions further causing the connection broker apparatus to perform:
 receiving a request to revoke the lease token; and 
 revoking the lease token by sending a revocation message to each of the one or more session hosts identified in the lease token. 
 
     
     
       11. The connection broker apparatus of  claim 6 , said instructions further causing the connection broker apparatus to perform:
 receiving a request to revoke the lease token; and 
 revoking the lease token by revoking a cryptographic key used to sign the lease token. 
 
     
     
       12. The connection broker apparatus of  claim 6 , wherein the lease token further includes a fifth data field identifying a set of one or more access conditions, a sixth data field identifying a connection limit, a seventh data field identifying a maximum idle time, and an eighth data field identifying a maximum disconnect time, wherein each of the fifth through eighth data fields are usable by a session host identified in the second data field to implement a security policy. 
     
     
       13. A method comprising:
 receiving a connection request at a connection broker apparatus from a session client; 
 determining, based on the session client:
 one or more session hosts the client is authorized to establish a session with, and 
 one or more resources the client is authorized to access on said one or more session hosts; 
 
 generating a lease token as a data package having a first data field identifying a lease number, a second data field identifying the one or more session hosts, a third data field identifying the one or more resources, and a fourth data field identifying the session client; 
 cryptographically signing the lease token to verify that the lease token originated at the connection broker apparatus, such that the lease token is a self-sustaining data package of cryptographically signed connection lease data from which the one or more session hosts can determine whether the session client device is authorized to access the one or more resources; and 
 sending the signed lease token to a lease store for storage. 
 
     
     
       14. The method of  claim 13 , wherein sending the lease token includes sending the lease token to the session client for storage on the lease client. 
     
     
       15. The method of  claim 13 , wherein sending the lease token includes sending the lease token to a central lease store accessible by the one or more identified session hosts. 
     
     
       16. The method of  claim 13 , further comprising revoking the lease token by publishing the lease number to a central revocation list. 
     
     
       17. The method of  claim 13 , further comprising revoking the lease token by sending a revocation message to each of the one or more session hosts identified in the lease token. 
     
     
       18. The method of  claim 13 , further comprising revoking the lease token by revoking a cryptographic key used to sign the lease token. 
     
     
       19. The method of  claim 13 , wherein generating comprises generating the lease token to include a fifth data field identifying a set of one or more access conditions, a sixth data field identifying a connection limit, a seventh data field identifying a maximum idle time, and an eighth data field identifying a maximum disconnect time, wherein each of the fifth through eighth data fields are usable by a session host identified in the second data field to implement a security policy.

Join the waitlist — get patent alerts

Track US9426227B2 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.